diff options
Diffstat (limited to 'test/java/net/URLPermission/URLTest.java')
-rw-r--r-- | test/java/net/URLPermission/URLTest.java | 240 |
1 files changed, 240 insertions, 0 deletions
diff --git a/test/java/net/URLPermission/URLTest.java b/test/java/net/URLPermission/URLTest.java new file mode 100644 index 000000000..8318c019c --- /dev/null +++ b/test/java/net/URLPermission/URLTest.java @@ -0,0 +1,240 @@ +/* + * Copyright (c) 2013, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +import java.net.URLPermission; +/* + * Run the tests once without security manager and once with + * + * @test + * @bug 8010464 + * @compile ../../../com/sun/net/httpserver/SimpleSSLContext.java + * @run main/othervm/policy=policy.1 URLTest one + * @run main/othervm URLTest one + * @run main/othervm/policy=policy.2 URLTest two + * @run main/othervm URLTest two + * @run main/othervm/policy=policy.3 URLTest three + * @run main/othervm URLTest three + */ + +import java.net.*; +import java.io.*; +import java.util.*; +import java.util.concurrent.*; +import java.util.logging.*; +import com.sun.net.httpserver.*; +import javax.net.ssl.*; + +public class URLTest { + static boolean failed = false; + + public static void main (String[] args) throws Exception { + boolean no = false, yes = true; + + if (System.getSecurityManager() == null) { + yes = false; + } + createServers(); + InetSocketAddress addr1 = httpServer.getAddress(); + int port1 = addr1.getPort(); + InetSocketAddress addr2 = httpsServer.getAddress(); + int port2 = addr2.getPort(); + + // each of the following cases is run with a different policy file + + switch (args[0]) { + case "one": + String url1 = "http://127.0.0.1:"+ port1 + "/foo.html"; + String url2 = "https://127.0.0.1:"+ port2 + "/foo.html"; + String url3 = "http://127.0.0.1:"+ port1 + "/bar.html"; + String url4 = "https://127.0.0.1:"+ port2 + "/bar.html"; + + // simple positive test. Should succceed + test(url1, "GET", "X-Foo", no); + test(url1, "GET", "Z-Bar", "X-Foo", no); + test(url1, "GET", "X-Foo", "Z-Bar", no); + test(url1, "GET", "Z-Bar", no); + test(url2, "POST", "X-Fob", no); + + // reverse the methods, should fail + test(url1, "POST", "X-Foo", yes); + test(url2, "GET", "X-Fob", yes); + + // different URLs, should fail + test(url3, "GET", "X-Foo", yes); + test(url4, "POST", "X-Fob", yes); + break; + + case "two": + url1 = "http://127.0.0.1:"+ port1 + "/foo.html"; + url2 = "https://127.0.0.1:"+ port2 + "/foo.html"; + url3 = "http://127.0.0.1:"+ port1 + "/bar.html"; + url4 = "https://127.0.0.1:"+ port2 + "/bar.html"; + + // simple positive test. Should succceed + test(url1, "GET", "X-Foo", no); + test(url2, "POST", "X-Fob", no); + test(url3, "GET", "X-Foo", no); + test(url4, "POST", "X-Fob", no); + break; + + case "three": + url1 = "http://127.0.0.1:"+ port1 + "/foo.html"; + url2 = "https://127.0.0.1:"+ port2 + "/a/c/d/e/foo.html"; + url3 = "http://127.0.0.1:"+ port1 + "/a/b/c"; + url4 = "https://127.0.0.1:"+ port2 + "/a/b/c"; + + test(url1, "GET", "X-Foo", yes); + test(url2, "POST", "X-Zxc", no); + test(url3, "DELETE", "Y-Foo", no); + test(url4, "POST", "Y-Foo", yes); + break; + } + shutdown(); + if (failed) { + throw new RuntimeException("Test failed"); + } + } + + public static void test ( + String u, String method, + String header, boolean exceptionExpected + ) + throws Exception + { + test(u, method, header, null, exceptionExpected); + } + + public static void test ( + String u, String method, + String header1, String header2, boolean exceptionExpected + ) + throws Exception + { + URL url = new URL(u); + System.out.println ("url=" + u + " method="+method + " header1="+header1 + +" header2 = " + header2 + +" exceptionExpected="+exceptionExpected); + HttpURLConnection urlc = (HttpURLConnection)url.openConnection(); + if (urlc instanceof HttpsURLConnection) { + HttpsURLConnection ssl = (HttpsURLConnection)urlc; + ssl.setHostnameVerifier(new HostnameVerifier() { + public boolean verify(String host, SSLSession sess) { + return true; + } + }); + ssl.setSSLSocketFactory (ctx.getSocketFactory()); + } + urlc.setRequestMethod(method); + if (header1 != null) { + urlc.addRequestProperty(header1, "foo"); + } + if (header2 != null) { + urlc.addRequestProperty(header2, "bar"); + } + try { + int g = urlc.getResponseCode(); + if (exceptionExpected) { + failed = true; + System.out.println ("FAIL"); + return; + } + if (g != 200) { + String s = Integer.toString(g); + throw new RuntimeException("unexpected response "+ s); + } + InputStream is = urlc.getInputStream(); + int c,count=0; + byte[] buf = new byte[1024]; + while ((c=is.read(buf)) != -1) { + count += c; + } + is.close(); + } catch (RuntimeException e) { + if (! (e instanceof SecurityException) && + !(e.getCause() instanceof SecurityException) || + !exceptionExpected) + { + System.out.println ("FAIL"); + //e.printStackTrace(); + failed = true; + } + } + System.out.println ("OK"); + } + + static HttpServer httpServer; + static HttpsServer httpsServer; + static HttpContext c, cs; + static ExecutorService e, es; + static SSLContext ctx; + + // These ports need to be hard-coded until we support port number + // ranges in the permission class + + static final int PORT1 = 12567; + static final int PORT2 = 12568; + + static void createServers() throws Exception { + InetSocketAddress addr1 = new InetSocketAddress (PORT1); + InetSocketAddress addr2 = new InetSocketAddress (PORT2); + httpServer = HttpServer.create (addr1, 0); + httpsServer = HttpsServer.create (addr2, 0); + + MyHandler h = new MyHandler(); + + c = httpServer.createContext ("/", h); + cs = httpsServer.createContext ("/", h); + e = Executors.newCachedThreadPool(); + es = Executors.newCachedThreadPool(); + httpServer.setExecutor (e); + httpsServer.setExecutor (es); + + // take the keystore from elsewhere in test hierarchy + String keysdir = System.getProperty("test.src") + + "/../../../com/sun/net/httpserver/"; + ctx = new SimpleSSLContext(keysdir).get(); + httpsServer.setHttpsConfigurator(new HttpsConfigurator (ctx)); + + httpServer.start(); + httpsServer.start(); + } + + static void shutdown() { + httpServer.stop(1); + httpsServer.stop(1); + e.shutdown(); + es.shutdown(); + } + + static class MyHandler implements HttpHandler { + + MyHandler() { + } + + public void handle(HttpExchange x) throws IOException { + x.sendResponseHeaders(200, -1); + x.close(); + } + } + +} |